I've been running Scalix now for about 3 months and like it very much, great product. Everything appears to be running fine except that I'm see this errors in my system logs. I searched the forum for an answer, but no luck.
SWA initially loads in under 10sec so I didn't thing postgres is having problems, but these errors could be saying something else. Maybe it could be performing better.
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.614:36): avc: denied { write } for pid=3222 comm="postmaster" name="global" dev=dm-0 ino=15466723 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.614:37): avc: denied { add_name } for pid=3222 comm="postmaster" name="pgstat.tmp.3219" scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.614:38): avc: denied { create } for pid=3222 comm="postmaster" name="pgstat.tmp.3219" scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.615:39): avc: denied { remove_name } for pid=3222 comm="postmaster" name="pgstat.tmp.3219" dev=dm-0 ino=15467118 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.615:40): avc: denied { rename } for pid=3222 comm="postmaster" name="pgstat.tmp.3219" dev=dm-0 ino=15467118 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:41:46 redhat1 kernel: audit(1173393706.615:41): avc: denied { unlink } for pid=3222 comm="postmaster" name="pgstat.stat" dev=dm-0 ino=15467120 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:41:48 redhat1 kernel: audit(1173393708.154:42): avc: denied { read } for pid=5964 comm="postmaster" name="pg_xlog" dev=dm-0 ino=15466724 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:41:48 redhat1 kernel: audit(1173393708.155:43): avc: denied { unlink } for pid=3219 comm="postmaster" name=".s.PGSQL.5733" dev=dm-0 ino=15466690 scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=sock_file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.637:44): avc: denied { read } for pid=6034 comm="postmaster" name="PG_VERSION" dev=dm-0 ino=15466726 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.637:45): avc: denied { getattr } for pid=6034 comm="postmaster" name="PG_VERSION" dev=dm-0 ino=15466726 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.638:46): avc: denied { write } for pid=6034 comm="postmaster" name="data" dev=dm-0 ino=15466721 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.638:47): avc: denied { add_name } for pid=6034 comm="postmaster" name="postmaster.pid" scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.638:48): avc: denied { create } for pid=6034 comm="postmaster" name="postmaster.pid" scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.641:49): avc: denied { write } for pid=6034 comm="postmaster" name="postmaster.pid" dev=dm-0 ino=15466689 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.641:50): avc: denied { read } for pid=6034 comm="postmaster" name="base" dev=dm-0 ino=15466722 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.642:51): avc: denied { name_bind } for pid=6034 comm="postmaster" src=5733 scontext=root:system_r:postgresql_t tcontext=system_u:object_r:port_t tclass=tcp_socket
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.642:52): avc: denied { create } for pid=6034 comm="postmaster" name=".s.PGSQL.5733" scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=sock_file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.642:53): avc: denied { setattr } for pid=6034 comm="postmaster" name=".s.PGSQL.5733" dev=dm-0 ino=15467118 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=sock_file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.642:54): avc: denied { read } for pid=6034 comm="postmaster" name="postmaster.pid" dev=dm-0 ino=15466689 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.643:55): avc: denied { write } for pid=6034 comm="postmaster" name="pg_control" dev=dm-0 ino=15466733 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.644:56): avc: denied { getattr } for pid=6034 comm="postmaster" name="postmaster.opts" dev=dm-0 ino=15466961 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.644:57): avc: denied { remove_name } for pid=6034 comm="postmaster" name="pgstat.stat" dev=dm-0 ino=15466662 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.644:58): avc: denied { unlink } for pid=6034 comm="postmaster" name="pgstat.stat" dev=dm-0 ino=15466662 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=file
Mar 8 17:44:14 redhat1 kernel: audit(1173393854.645:59): avc: denied { rename } for pid=6037 comm="postmaster" name="pgstat.tmp.6034" dev=dm-0 ino=15466662 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 17:44:16 redhat1 scalix-postgres: Starting scalix-postgres service (redhat1): succeeded
Mar 8 17:49:14 redhat1 kernel: audit(1173394154.642:60): avc: denied { write } for pid=6034 comm="postmaster" name=".s.PGSQL.5733" dev=dm-0 ino=15467118 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=sock_file
Mar 8 17:51:50 redhat1 kernel: audit(1173394310.933:61): avc: denied { unlink } for pid=6037 comm="postmaster" name="pgstat.stat" dev=dm-0 ino=15466662 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=file
Mar 8 18:03:51 redhat1 su(pam_unix)[5872]: session closed for user root
Mar 8 18:04:14 redhat1 kernel: audit(1173395054.427:62): avc: denied { write } for pid=6034 comm="postmaster" name=".s.PGSQL.5733" dev=dm-0 ino=15467118 scontext=root:system_r:postgresql_t tcontext=root:object_r:var_t tclass=sock_file
Mar 8 18:04:16 redhat1 kernel: audit(1173395056.440:63): avc: denied { read } for pid=6166 comm="postmaster" name="pg_xlog" dev=dm-0 ino=15466724 scontext=root:system_r:postgresql_t tcontext=user_u:object_r:var_t tclass=dir
As you can see I tried restarting postgres, no luck the error keep pouring in.
Thoughts?
Side note: what metrics should we expect to see for SWA loading?
Thank,
Ray
Postgrep AVC Error
Moderators: ScalixSupport, admin
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
This looks like you have SELINUX enabled - could that be the case? We generally require this to be turned off in the system configuraiton.
Load time will vary wildly with hardware config and network link speed. Generally, if it loads withiin 10 seconds, that's probably very good.
Florian
Load time will vary wildly with hardware config and network link speed. Generally, if it loads withiin 10 seconds, that's probably very good.
Florian
Florian von Kurnatowski, Die Harder!
Who is online
Users browsing this forum: No registered users and 9 guests